We want everything, all the time...

[Dave Emery]

LEAs Propose Sweeping Changes In CALEA Compliance

Mar 31, 2004

Policy Specialists Warn Of Significant
Implications

The U.S. Department of Justice, Federal Bureau of Investigation and Drug
Enforcement Administration -- referred to in telecom circles as LEAs'
(an acronym for Law Enforcement Agencies) -- are pressing the FCC for
sweeping changes in the commission's rules governing compliance with the
1994 Communications Assistance for Law Enforcement Act (CALEA).
Specifically, the agencies are asking the commission to immediately
undertake a rulemaking that would:

Extend the LEAs' access for authorized wiretaps to a broad array of new,
packet-based networks, push-to-talk "dispatch" systems, and other
advanced communications technologies;

Establish firm, short deadlines for compliance by communications
services providers and networks that are deemed covered under CALEA;

Restrict the FCC's culture of granting extensions for CALEA compliance
by specifying the criteria for extensions of any benchmarks and
deadlines; and Establish procedures for enforcement actions against
entities that do not comply with their CALEA obligations.

Impact Potentially Broad

The LEAs' proposals, if fully adopted by federal regulators, could have
a major impact on many sectors of the telecommunications and information
technology services, as well as the manufacturing sectors, according to
policy experts in the Global Telecommunications and Technology Group at
the international law firm of Coudert Brothers LLP.

In a March 22 advisory to Coudert's clients, the firm's policy analysts
warned that hardware and software manufacturers could see a significant
demand for affordable solutions to bring a variety of communications
technologies into CALEA compliance. Special attention would be focused
on Internet-related, Voice over Internet Protocol (VoIP), and some
wireless technologies, if the LEA's primary objectives are achieved.

Indeed, providers of broadband access, broadband telephony, and advanced
communications technology could face relatively short deadlines to
implement either standardized or individual solutions so that law
enforcement can have ready access to their networks, if needed. Even
those operators and manufacturers that are already working towards CALEA
compliance could face more stringent deadlines for implementation of
solutions, if the LEAs' requests are even partially adopted by the FCC,
according to Coudert's experts.

Broader Compliance Required

In their joint petition to the FCC, the LEAs contend there is an urgent
need for the FCC to act in light of the rapid movement of traffic from
legacy switched-circuit systems to newer, packet-based systems. This
technological revolution is accompanied by the emergence of new
telecommunications service providers that may not fit neatly into the
definitions for telecommunications operators in the Communications Act
of 1934, as amended by the Telecommunications Act of 1996, they say.

The LEAs also claim that previous decisions by the commission have led
to continuing disputes between the law enforcement community and the
telecommunications and information services industries over which
services and providers are covered by CALEA. Thus, the LEAs advocate
that the FCC formally:

Identify the types of services and entities that are subject to CALEA;

Identify the services that are considered packet-mode services; and
Determine that broadband access services and broadband telephony
services are subject to CALEA.

Mobile Services

The petition urges the FCC to reaffirm its earlier decision that
push-to-talk "dispatch" services are subject to CALEA to the extent
these services are interconnected. The LEAs claim that these new systems
are being implemented without reference to CALEA obligations and
therefore the new networks are not accessible to law enforcement
wiretaps.
Future Services

The LEAs' petition advocates that the FCC establish rules that would
facilitate the easy and rapid identification of future CALEA-covered
services and entities. Such rules, they argue, would include any service
that is in competition with a service already complying with CALEA, any
entity offering electronic communications (including packet-switching
and transmission) to the public for a fee, and any packet-based
technology or service presently covered by CALEA, but offered over a new
communications technology.

Moreover, the LEAs propose that the FCC establish a procedure permitting
any provider that is uncertain whether its new technology is subject to
CALEA to seek clarification immediately from the FCC before implementing
the service.
Ending 'Automatic' Extensions

The petition states that because industry standards-setting bodies have
argued with the LEAs regarding the applicability of CALEA to
packet-based technologies, few standards have been published and those
that have are deficient. This lack of standards has provided an easy
excuse for manufacturers to postpone the production of equipment and
carriers to seek extensions of CALEA implementation deadlines, even
though, the LEAs argue, carriers are obliged to meet the deadlines with
either standardized or non-standardized solutions.

The LEAs are asking the FCC to:

Set implementation deadlines for CALEA compliance and require benchmark
filings by operators to keep the FCC informed as to their progress;

Require operators to state what type of interception technologies they
intend to implement on their packet-based networks;
Set short, closely monitored extensions of time; and

Establish procedures for enforcement actions if operators fail to meet
CALEA implementation deadlines.

Customers To Bear The Costs

The LEAs want the FCC to establish rules (1) confirming that carriers
bear the sole financial responsibility for complying with CALEA and
adapting post-1995 equipment, facilities and services; (2) permitting
carriers to pass the costs of the capital improvements required to make
networks CALEA-compliant onto their customers; and (3) requiring law
enforcement organizations only to pay for the cost of implementing
specific, duly authorized wiretaps, not the capital costs incurred to
make such wiretaps possible.

The FCC, which has been anticipating the LEAs' petition, has already put
the matter on public notice. The commission is asking all interested
parties to file comments by April 12and reply comments by April 27.

Filing of the petition by the LEAs came close on the heels of a Notice
of Proposed Rulemaking (NPRM) by the FCC regarding the proper regulatory
treatment of VoIP and other packet-enabled communications systems. The
NPRM referred to the importance of support for law enforcement agencies
by the communications industry and the FCC's plan to open a separate
rulemaking proceeding that would run in tandem with the NPRM. In placing
the LEAs' petition on public notice, the FCC reiterated that it would
work closely with the LEAs to make certain that their requirement for
support of lawfully authorized wiretaps are met.

Against the backdrop of the recent Madrid train bombings, coupled with
the intense scrutiny that national security and terrorism-related issues
are already receiving in the presidential election campaign, the FCC can
be expected to respond to the LEAs' petition as quickly as possible, the
Coudert experts say.  However, the issues raised by the LEAs will be
difficult to resolve both legally and in practical terms, given the
architecture of modern telecommunications networks, they add.

www.telecomweb.com
-- 
   Dave Emery N1PRE,  die at dieconsulting.com  DIE Consulting, Weston, Mass 02493